5
submitted 5 days ago by thomask to c/planetsmolnet
52
Microsoft FrontPage (microsoft.fandom.com)
submitted 2 weeks ago by thomask to c/retronet
11
Coding for a Finite World (yoric.github.io)
submitted 2 weeks ago by thomask to c/permacomputing
17
Go Turns 15 (go.dev)
submitted 2 weeks ago by thomask to c/golang@programming.dev
22
submitted 2 weeks ago by thomask to c/cybersecurity@sh.itjust.works
111
submitted 3 months ago by thomask to c/rust@programming.dev
[-] thomask 16 points 3 months ago

What's the deal with the Google ad that shows a legit URL but takes users to another? That seems like the biggest issue here and the article just rolls past it like that's totally normal.

11
submitted 4 months ago by thomask to c/retronet
38
submitted 5 months ago by thomask to c/cybersecurity@sh.itjust.works

The following summary from Debian's security list:

The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suite, is prone to a signal handler race condition. If a client does not authenticate within LoginGraceTime seconds (120 by default), then sshd's SIGALRM handler is called asynchronously and calls various functions that are not async-signal-safe. A remote unauthenticated attacker can take advantage of this flaw to execute arbitrary code with root privileges. This flaw affects sshd in its default configuration.

19
submitted 5 months ago by thomask to c/retrocomputing
40
submitted 5 months ago by thomask to c/programming@programming.dev

Martin Kleppmann sets out a vision: "In local-first software, the availability of another computer should never prevent you from working."

He describes the evolution of how to classify local-first software, how it differs from offline-first, and proposes a bold future where data sync servers are a commodity working in tandem with peer-to-peer sync, freeing both developers and users from lock-in concerns.

30
submitted 5 months ago by thomask to c/retronet
35
submitted 5 months ago by thomask to c/cybersecurity@sh.itjust.works
[-] thomask 13 points 6 months ago

Hmm wasn't there some kerfuffle recently about how the kernel was going to start self-issuing CVEs en masse? Is this the result of that plan?

[-] thomask 11 points 8 months ago

IrfanView, now that's the good stuff

[-] thomask 48 points 1 year ago

That is the discussion. Microsoft is pretending by making it the upgrade path for two products which actually are local, and hoping users won't notice.

[-] thomask 14 points 1 year ago

Honestly I'm glad they highlighted the telemetry. I went through the local report about what's included and while it's not an upsetting level of detail, it's more comprehensive than I would have opted in to if asked.

Still, as sibling points out it's in a completely different league from slurping up your IMAP creds, something which has always been local-only data. This is the second time I know of recently where MS has trampled on this kind of local-only expectation - the other was Edge defaulting to sending the contents of textboxes you're filling out on webpages to the MS cloud for spelling and grammar checks. Thunderbird is still a sound recommendation, and unlike Microsoft, I trust that if I uncheck the telemetry box they're not going to try to get me some other way.

[-] thomask 17 points 1 year ago

Sitting there watching with satisfaction as MSDOS 6.22 DEFRAG.EXE did its thing.

[-] thomask 20 points 1 year ago

Not necessarily in the fediverse world. If server costs are being covered by donations from 4% of users, a volunteer admin will probably be quite happy whereas a commercial operator will undoubtedly think "damn I have 96% freeloaders, that's leaving money on the table".

[-] thomask 12 points 1 year ago

Lots of previous discussion on this thread: https://lemmy.sdf.org/post/578847

[-] thomask 30 points 1 year ago* (last edited 1 year ago)

Ask yourself, in three years from now will you be thinking "it's so nice how Meta lets me follow and interact with their enormous userbase for free, without advertising, using my own open source server and frontend"?

Remember that's the basic expectation today for a participant in the fediverse. If this feels implausible, doing anything else is very incompatible with the fediverse's existing values.

The problem isn't just that it's Meta, it's any situation where a much larger actor comes in with different motivations. Today we have a small number of users whose servers are almost exclusively run on a "community service" model. Meta is an advertising business. They are much bigger and will define the fediverse if allowed in. If we allow them to connect, it should be much later after organic growth which means we can assimilate them properly and deflect any bad behaviour.

What might happen if Meta throws their weight around? I can predict at least three outcomes

  • Proprietary variations to ActivityPub, probably starting with something that seems "understandable" like moderation reasons.
  • Certain new features get centralised on Meta's servers only (e.g. search) claiming that it's for efficiency in the distributed environment.
  • Claiming spam problems, require individual instance operators or their users to verify themselves with Meta to enable federation.

The question in my mind is whether their intention is to destroy the competition, or keep the fediverse alive as a way to claim that they are not a technical monopoly that needs to be broken up by regulators, in the same way that Google provides most of the funding for Firefox.

[-] thomask 12 points 1 year ago

Thanks for all the work on the instance!

[-] thomask 10 points 1 year ago

Yes. The interaction with the Rust Foundation is described in the linked RFC.

The Council is responsible for establishing the process for selecting Project directors. The Project directors are the mechanism by which the Rust Project's interests are reflected on the Rust Foundation board.

The Council delegates a purview to the Project directors to represent the Project's interests on the Foundation Board and to make certain decisions on Foundation-related matters. The exact boundaries of that purview are out of scope for this RFC.

view more: next ›

thomask

joined 1 year ago
MODERATOR OF